Hacker Newsnew | past | comments | ask | show | jobs | submitlogin

You could also imagine a native executable doing the same, which in most cases won’t even have the level of control flow integrity protection WASM will have. I’m not clear what superior alternative you’re comparing with.


Currently WASM has less security protections than native sandboxes, not more. Read security section of the standard.


It has less mitigation than the Chrome or the Linux kernel. It has much better CFI than the vast majority of actual C++ userspace applications.




Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: